Skip to content

bugzilla
bugzilla
Commit 9488a890 authored by bbaetz%acm.org's avatar bbaetz%acm.org
Browse files
Options

Bug 201816 - use CGI.pm for header output

r=joel, a=justdave
parent c000c0a4
Show whitespace changes
Inline Side-by-side
Showing with 344 additions and 197 deletions
Bugzilla/Auth/CGI.pm
View file @ 9488a890
......@@ -70,9 +70,13 @@ sub login {
undef,
$userid, $ipaddr);
my $logincookie = $dbh->selectrow_array("SELECT LAST_INSERT_ID()");
my $cookiepath = Param("cookiepath");
print "Set-Cookie: Bugzilla_login=$userid ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
print "Set-Cookie: Bugzilla_logincookie=$logincookie ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
$cgi->send_cookie(-name => 'Bugzilla_login',
-value => $userid,
-expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
$cgi->send_cookie(-name => 'Bugzilla_logincookie',
-value => $logincookie,
-expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
# compat code. The cookie value is used for logouts, and that
# isn't generic yet.
......@@ -120,7 +124,7 @@ sub login {
if ($authres == AUTH_NODATA && $type == LOGIN_REQUIRED) {
# Throw up the login page
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
my $template = Bugzilla->template;
$template->process("account/auth/login.html.tmpl",
......@@ -152,9 +156,12 @@ sub login {
# The account may be disabled
if ($authres == AUTH_DISABLED) {
# Clear the cookie
my $cookiepath = Param("cookiepath");
print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
print "Set-Cookie: Bugzilla_logincookie= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
$cgi->send_cookie(-name => 'Bugzilla_login',
-expires => "Tue, 15-Sep-1998 21:49:00 GMT");
$cgi->send_cookie(-name => 'Bugzilla_logincookie',
-expires => "Tue, 15-Sep-1998 21:49:00 GMT");
# and throw a user error
&::ThrowUserError("account_disabled",
{'disabled_reason' => $extra});
......
Bugzilla/CGI.pm
View file @ 9488a890
......@@ -23,11 +23,12 @@ use strict;
package Bugzilla::CGI;
use CGI qw(-no_xhtml -oldstyle_urls :private_tempfiles);
use CGI qw(-no_xhtml -oldstyle_urls :private_tempfiles :unique_headers);
use base qw(CGI);
use Bugzilla::Util;
use Bugzilla::Config;
# We need to disable output buffering - see bug 179174
$| = 1;
......@@ -44,6 +45,9 @@ sub new {
my $self = $class->SUPER::new(@args);
# Make sure that we don't send any charset headers
$self->charset('');
# Check for errors
# All of the Bugzilla code wants to do this, so do it here instead of
# in each script
......@@ -62,20 +66,18 @@ sub new {
# multipart requests, and so should never happen unless there is a
# browser bug.
# Using CGI.pm to do this means that ThrowCodeError prints the
# content-type again...
#print $self->header(-status => $err);
print "Status: $err\n";
my $vars = {};
if ($err =~ m/(\d{3})\s(.*)/) {
$vars->{http_error_code} = $1;
$vars->{http_error_string} = $2;
} else {
$vars->{http_error_string} = $err;
}
&::ThrowCodeError("cgi_error", $vars);
print $self->header(-status => $err);
# ThrowCodeError wants to print the header, so it grabs Bugzilla->cgi
# which creates a new Bugzilla::CGI object, which fails again, which
# ends up here, and calls ThrowCodeError, and then recurses forever.
# So don't use it.
# In fact, we can't use templates at all, because we need a CGI object
# to determine the template lang as well as the current url (from the
# template)
# Since this is an internal error which indicates a severe browser bug,
# just die.
die "CGI parsing error: $err";
}
return $self;
......@@ -105,6 +107,46 @@ sub canonicalise_query {
return join("&", @parameters);
}
# CGI.pm makes this nph, but apache doesn't like that
sub multipart_init {
my $self = shift;
unshift(@_, '-nph' => undef);
return $self->SUPER::multipart_init(@_);
}
sub cookie {
my $self = shift;
# Add the default path in, but only if we're fetching stuff
# (This test fails for |$cgi->cookie(-name=>'x')| which _is_ meant to
# fetch, but thats an ugly notation for the fetch case which we shouldn't
# be using)
unshift(@_, '-path' => Param('cookiepath')) if scalar(@_)>1;
return $self->SUPER::cookie(@_);
}
# The various parts of Bugzilla which create cookies don't want to have to
# pass them arround to all of the callers. Instead, store them locally here,
# and then output as required from |headers|.
# This is done instead of just printing the result from the script, because
# we need to use |$r->header_out| under mod_perl (which is what CGI.pm
# does, and we need to match, plus if we don't |print| anything, we can turn
# off mod_perl/Apache's header parsing for a small perf gain)
sub send_cookie {
my $self = shift;
my $cookie = $self->cookie(@_);
# XXX - mod_perl
print "Set-Cookie: $cookie\r\n";
return;
}
1;
__END__
......@@ -149,4 +191,21 @@ I<Bugzilla::CGI> also includes additional functions.
This returns a sorted string of the parameters, suitable for use in a url.
Values in C<@exclude> are not included in the result.
=item C<cookie>
Identical to the CGI.pm C<cookie> routine, except that the cookie path is
automatically added.
=item C<send_cookie>
This routine is identical to CGI.pm's C<cookie> routine, except that the cookie
is sent to the browser, rather than returned. This should be used by all
Bugzilla code (instead of C<cookie> or the C<-cookie> argument to C<header>),
so that under mod_perl the headers can be sent correctly, using C<print> or
the mod_perl APIs as appropriate.
=back
=head1 SEE ALSO
L<CGI|CGI>, L<CGI::Cookie|CGI::Cookie>
Bugzilla/Constants.pm
View file @ 9488a890
......@@ -48,6 +48,7 @@ use base qw(Exporter);
LOGIN_REQUIRED
);
@Bugzilla::Constants::EXPORT_OK = qw(contenttypes);
# CONSTANTS
#
......@@ -94,4 +95,14 @@ use constant LOGIN_OPTIONAL => 0;
use constant LOGIN_NORMAL => 1;
use constant LOGIN_REQUIRED => 2;
use constant contenttypes =>
{
"html" => "text/html" ,
"rdf" => "application/xml" ,
"xml" => "text/xml" ,
"js" => "application/x-javascript" ,
"csv" => "text/plain" ,
"png" => "image/png" ,
};
1;
Bugzilla/Error.pm
View file @ 9488a890
......@@ -39,8 +39,7 @@ sub ThrowUserError {
Bugzilla->dbh->do("UNLOCK TABLES") if $unlock_tables;
# XXX - mod_perl
print "Content-type: text/html\n\n" if !$::vars->{'header_done'};
print Bugzilla->cgi->header();
my $template = Bugzilla->template;
$template->process("global/user-error.html.tmpl", $vars)
......
Bugzilla/Flag.pm
View file @ 9488a890
......@@ -587,7 +587,7 @@ sub notify {
my $rv =
$::template->process($template_file, $::vars, \$message);
if (!$rv) {
print "Content-Type: text/html\n\n" unless $::vars->{'header_done'};
Bugzilla->cgi->header();
&::ThrowTemplateError($::template->error());
}
......
Bugzilla/User.pm
View file @ 9488a890
......@@ -366,7 +366,7 @@ sub match_field {
$vars->{'matches'} = $matches; # matches that were made
$vars->{'matchsuccess'} = $matchsuccess; # continue or fail
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
$::template->process("global/confirm-user-match.html.tmpl", $vars)
|| &::ThrowTemplateError($::template->error());
......
CGI.pl
View file @ 9488a890
......@@ -59,7 +59,7 @@ if (Param("shutdownhtml") && $0 !~ m:[\\/](do)?editparams.cgi$:) {
$::vars->{'message'} = "shutdown";
# Return the appropriate HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return an HTML message about the downtime.
$::template->process("global/message.html.tmpl", $::vars)
......@@ -320,7 +320,7 @@ sub ThrowCodeError {
$vars->{'variables'} = $extra_vars;
}
print "Content-type: text/html\n\n" if !$vars->{'header_done'};
print Bugzilla->cgi->header();
$template->process("global/code-error.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
......
attachment.cgi
View file @ 9488a890
......@@ -33,7 +33,6 @@ use strict;
use lib qw(.);
use vars qw(
$cgi
$template
$vars
);
......@@ -63,6 +62,8 @@ quietly_check_login();
# to just above validateID().
my $bugid;
my $cgi = Bugzilla->cgi;
################################################################################
# Main Body Execution
################################################################################
......@@ -399,11 +400,12 @@ sub view
# Return the appropriate HTTP response headers.
$filename =~ s/^.*[\/\\]//;
my $filesize = length($thedata);
print qq{Content-Type: $contenttype; name="$filename"\n};
print qq{Content-Disposition: inline; filename=$filename\n};
print qq{Content-Length: $filesize\n};
print qq{\n$thedata};
print Bugzilla->cgi->header(-type=>"$contenttype; name=\"$filename\"",
-content_disposition=> "inline; filename=$filename\n",
-content_length => $filesize);
print $thedata;
}
......@@ -450,8 +452,7 @@ sub viewall
$vars->{'bugsummary'} = $bugsummary;
$vars->{'GetBugLink'} = \&GetBugLink;
# Return the appropriate HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/show-multiple.html.tmpl", $vars)
......@@ -495,8 +496,7 @@ sub enter
$vars->{'bugsummary'} = $bugsummary;
$vars->{'GetBugLink'} = \&GetBugLink;
# Return the appropriate HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/create.html.tmpl", $vars)
......@@ -604,8 +604,7 @@ sub insert
$vars->{'contenttypemethod'} = $::FORM{'contenttypemethod'};
$vars->{'contenttype'} = $::FORM{'contenttype'};
# Return the appropriate HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/created.html.tmpl", $vars)
......@@ -667,8 +666,7 @@ sub edit
$vars->{'attachments'} = \@bugattachments;
$vars->{'GetBugLink'} = \&GetBugLink;
# Return the appropriate HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/edit.html.tmpl", $vars)
......@@ -815,8 +813,7 @@ sub update
$vars->{'attachid'} = $::FORM{'id'};
$vars->{'bugid'} = $bugid;
# Return the appropriate HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/updated.html.tmpl", $vars)
......
buglist.cgi
View file @ 9488a890
......@@ -33,7 +33,7 @@ use strict;
use lib qw(.);
use vars qw($cgi $template $vars);
use vars qw($template $vars);
use Bugzilla;
use Bugzilla::Search;
......@@ -56,8 +56,10 @@ use vars qw($db_name
$userid
@versions);
my $cgi = Bugzilla->cgi;
if (length($::buffer) == 0) {
print "Refresh: 10; URL=query.cgi\n";
print $cgi->header(-refresh=> '10; URL=query.cgi');
ThrowUserError("buglist_parameters_required");
}
......@@ -131,8 +133,7 @@ if ($::FORM{'regetlastlist'}) {
if ($::buffer =~ /&cmd-/) {
my $url = "query.cgi?$::buffer#chart";
print "Refresh: 0; URL=$url\n";
print "Content-Type: text/html\n\n";
print $cgi->redirect(-location => $url);
# Generate and return the UI (HTML page) from the appropriate template.
$vars->{'message'} = "buglist_adding_field";
$vars->{'url'} = $url;
......@@ -257,8 +258,7 @@ if ($::FORM{'cmdtype'} eq "dorem") {
}
elsif ($::FORM{'remaction'} eq "load") {
my $url = "query.cgi?" . LookupNamedQuery($::FORM{"namedcmd"});
print "Refresh: 0; URL=$url\n";
print "Content-Type: text/html\n\n";
print $cgi->redirect(-location=>$url);
# Generate and return the UI (HTML page) from the appropriate template.
$vars->{'message'} = "buglist_load_named_query";
$vars->{'namedcmd'} = $::FORM{'namedcmd'};
......@@ -282,7 +282,7 @@ if ($::FORM{'cmdtype'} eq "dorem") {
$count++;
}
print "Content-Type: text/html\n\n";
print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$vars->{'message'} = "buglist_query_gone";
$vars->{'namedcmd'} = $::FORM{'namedcmd'};
......@@ -535,8 +535,8 @@ if ($order) {
if (!grep($fragment =~ /^\Q$_\E(\s+(asc|desc))?$/, @columnnames)) {
$vars->{'fragment'} = $fragment;
if ($order_from_cookie) {
my $cookiepath = Param("cookiepath");
print "Set-Cookie: LASTORDER= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
$cgi->send_cookie(-name => 'LASTORDER',
-expires => 'Tue, 15-Sep-1998 21:49:00 GMT');
ThrowCodeError("invalid_column_name_cookie");
}
else {
......@@ -618,15 +618,15 @@ $query .= " ORDER BY $db_order " if ($order);
# Time to use server push to display an interim message to the user until
# the query completes and we can display the bug list.
if ($serverpush) {
# Generate HTTP headers.
print "Content-Disposition: inline; filename=$filename\n";
print "Content-Type: multipart/x-mixed-replace;boundary=thisrandomstring\n\n";
print "--thisrandomstring\n";
print "Content-Type: text/html\n\n";
print $cgi->multipart_init(-content_disposition => "inline; filename=$filename");
print $cgi->multipart_start();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("list/server-push.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
print $cgi->multipart_end();
}
# Connect to the shadow database if this installation is using one to improve
......@@ -800,39 +800,47 @@ if ($dotweak) {
# HTTP Header Generation
################################################################################
# If we are doing server push, output a separator string.
print "\n--thisrandomstring\n" if $serverpush;
# Generate HTTP headers
# Suggest a name for the bug list if the user wants to save it as a file.
# If we are doing server push, then we did this already in the HTTP headers
# that started the server push, so we don't have to do it again here.
print "Content-Disposition: inline; filename=$filename\n" unless $serverpush;
my $contenttype;
if ($format->{'extension'} eq "html") {
my $cookiepath = Param("cookiepath");
print "Content-Type: text/html\n";
if ($order) {
my $qorder = url_quote($order);
print "Set-Cookie: LASTORDER=$qorder ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
$cgi->send_cookie(-name => 'LASTORDER',
-value => $qorder,
-expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
}
my $bugids = join(":", @bugidlist);
# See also Bug 111999
if (length($bugids) < 4000) {
print "Set-Cookie: BUGLIST=$bugids ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
$cgi->send_cookie(-name => 'BUGLIST',
-value => $bugids,
-expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
}
else {
print "Set-Cookie: BUGLIST= ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
$cgi->send_cookie(-name => 'BUGLIST',
-expires => 'Tue, 15-Sep-1998 21:49:00 GMT');
$vars->{'toolong'} = 1;
}
$contenttype = "text/html";
}
else {
print "Content-Type: $format->{'ctype'}\n";
$contenttype = $format->{'ctype'};
}
print "\n"; # end HTTP headers
if ($serverpush) {
print $cgi->multipart_start(-type=>$contenttype);
} else {
# Suggest a name for the bug list if the user wants to save it as a file.
# If we are doing server push, then we did this already in the HTTP headers
# that started the server push, so we don't have to do it again here.
print $cgi->header(-type => $contenttype,
-content_disposition => "inline; filename=$filename");
}
################################################################################
......@@ -848,4 +856,4 @@ $template->process($format->{'template'}, $vars)
# Script Conclusion
################################################################################
print "\n--thisrandomstring--\n" if $serverpush;
print $cgi->multipart_final() if $serverpush;
checksetup.pl
View file @ 9488a890
......@@ -211,7 +211,7 @@ my $modules = [
},
{
name => 'CGI',
version => '2.88'
version => '2.93'
},
{
name => 'Data::Dumper',
......@@ -587,24 +587,6 @@ LocalVar('platforms', '
);
');
LocalVar('contenttypes', '
#
# The types of content that template files can generate, indexed by file extension.
#
$contenttypes = {
"html" => "text/html" ,
"rdf" => "application/xml" ,
"xml" => "text/xml" ,
"js" => "application/x-javascript" ,
"csv" => "text/plain" ,
"png" => "image/png" ,
};
');
if ($newstuff ne "") {
print "\nThis version of Bugzilla contains some variables that you may want\n",
"to change and adapt to your local settings. Please edit the file\n",
......
colchange.cgi
View file @ 9488a890
......@@ -32,6 +32,8 @@ use vars qw(
$vars
);
use Bugzilla;
require "CGI.pl";
ConnectToDatabase();
......@@ -39,6 +41,8 @@ quietly_check_login();
GetVersionTable();
my $cgi = Bugzilla->cgi;
# The master list not only says what fields are possible, but what order
# they get displayed in.
my @masterlist = ("opendate", "changeddate", "bug_severity", "priority",
......@@ -87,12 +91,15 @@ if (defined $::FORM{'rememberedquery'}) {
}
my $list = join(" ", @collist);
my $urlbase = Param("urlbase");
my $cookiepath = Param("cookiepath");
print "Set-Cookie: COLUMNLIST=$list ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
print "Set-Cookie: SPLITHEADER=$::FORM{'splitheader'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
print "Refresh: 0; URL=buglist.cgi?$::FORM{'rememberedquery'}\n";
print "Content-type: text/html\n\n";
$cgi->send_cookie(-name => 'COLUMNLIST',
-value => $list,
-expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
$cgi->send_cookie(-name => 'SPLITHEADER',
-value => $::FORM{'splitheader'},
-expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
print $cgi->redirect("buglist.cgi?$::FORM{'rememberedquery'}");
$vars->{'message'} = "change_columns";
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
......@@ -111,6 +118,6 @@ $vars->{'splitheader'} = $::COOKIE{'SPLITHEADER'} ? 1 : 0;
$vars->{'buffer'} = $::buffer;
# Generate and return the UI (HTML page) from the appropriate template.
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("list/change-columns.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
createaccount.cgi
View file @ 9488a890
......@@ -47,13 +47,16 @@ unless (Bugzilla::Auth->can_edit) {
ThrowUserError("auth_cant_create_account");
}
my $cgi = Bugzilla->cgi;
# Clear out the login cookies. Make people log in again if they create an
# account; otherwise, they'll probably get confused.
my $cookiepath = Param("cookiepath");
print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT
Set-Cookie: Bugzilla_logincookie= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
$cgi->send_cookie(-name => 'Bugzilla_login',
-expires => 'Tue, 15-Sep-1998 21:49:00 GMT');
$cgi->send_cookie(-name => 'Bugzilla_logincookie',
-expires => 'Tue, 15-Sep-1998 21:49:00 GMT');
print "Content-Type: text/html\n\n";
print $cgi->header();
my $login = $::FORM{'login'};
......
describecomponents.cgi
View file @ 9488a890
......@@ -31,6 +31,8 @@ use strict;
use lib qw(.);
use Bugzilla;
require "CGI.pl";
ConnectToDatabase();
......@@ -38,6 +40,8 @@ quietly_check_login();
GetVersionTable();
my $cgi = Bugzilla->cgi;
if (!defined $::FORM{'product'}) {
# Reference to a subset of %::proddesc, which the user is allowed to see
my %products;
......@@ -63,7 +67,7 @@ if (!defined $::FORM{'product'}) {
$::vars->{'proddesc'} = \%products;
$::vars->{'target'} = "describecomponents.cgi";
print "Content-type: text/html\n\n";
print $cgi->header();
$::template->process("global/choose-product.html.tmpl", $::vars)
|| ThrowTemplateError($::template->error());
exit;
......@@ -118,7 +122,7 @@ while (MoreSQLData()) {
$::vars->{'product'} = $product;
$::vars->{'components'} = \@components;
print "Content-type: text/html\n\n";
print $cgi->header();
$::template->process("reports/components.html.tmpl", $::vars)
|| ThrowTemplateError($::template->error());
describekeywords.cgi
View file @ 9488a890
......@@ -24,6 +24,8 @@
use strict;
use lib ".";
use Bugzilla;
require "CGI.pl";
# Use the global template variables.
......@@ -33,6 +35,8 @@ ConnectToDatabase();
quietly_check_login();
my $cgi = Bugzilla->cgi;
SendSQL("SELECT keyworddefs.name, keyworddefs.description,
COUNT(keywords.bug_id)
FROM keyworddefs LEFT JOIN keywords ON keyworddefs.id=keywords.keywordid
......@@ -52,6 +56,6 @@ while (MoreSQLData()) {
$vars->{'keywords'} = \@keywords;
$vars->{'caneditkeywords'} = UserInGroup("editkeywords");
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("reports/keywords.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
doeditparams.cgi
View file @ 9488a890
......@@ -25,6 +25,7 @@ use strict;
use lib qw(.);
use Bugzilla;
use Bugzilla::Config qw(:DEFAULT :admin);
require "CGI.pl";
......@@ -34,7 +35,9 @@ use vars %::MFORM;
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
my $cgi = Bugzilla->cgi;
print $cgi->header();
if (!UserInGroup("tweakparams")) {
print "<H1>Sorry, you aren't a member of the 'tweakparams' group.</H1>\n";
......
duplicates.cgi
View file @ 9488a890
......@@ -36,15 +36,18 @@ use vars qw($buffer);
use Bugzilla;
use Bugzilla::Search;
use Bugzilla::CGI;
my $cgi = Bugzilla->cgi;
# Go directly to the XUL version of the duplicates report (duplicates.xul)
# if the user specified ctype=xul. Adds params if they exist, and directs
# the user to a signed copy of the script in duplicates.jar if it exists.
if ($::FORM{'ctype'} && $::FORM{'ctype'} eq "xul") {
my $params = CanonicaliseParams($::buffer, ["format", "ctype"]);
print "Location: " . (-e "duplicates.jar" ? "duplicates.jar!/" : "") .
my $url = (-e "duplicates.jar" ? "duplicates.jar!/" : "") .
"duplicates.xul" . ($params ? "?$params" : "") . "\n\n";
print $cgi->redirect($url);
exit;
}
......@@ -262,7 +265,7 @@ $vars->{'products'} = \@::legal_product;
my $format =
GetFormat("reports/duplicates", $::FORM{'format'}, $::FORM{'ctype'});
print "Content-Type: $format->{'ctype'}\n\n";
print $cgi->header($format->{'ctype'});
# Generate and return the UI (HTML page) from the appropriate template.
$template->process($format->{'template'}, $vars)
......
editcomponents.cgi
View file @ 9488a890
......@@ -191,7 +191,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
unless (UserInGroup("editcomponents")) {
PutHeader("Not allowed");
......
editflagtypes.cgi
View file @ 9488a890
......@@ -35,6 +35,7 @@ require "CGI.pl";
ConnectToDatabase();
# Use Bugzilla's flag modules for handling flag types.
use Bugzilla;
use Bugzilla::Flag;
use Bugzilla::FlagType;
......@@ -94,7 +95,7 @@ sub list {
Bugzilla::FlagType::match({ 'target_type' => 'attachment' }, 1);
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/list.html.tmpl", $vars)
......@@ -138,7 +139,7 @@ sub edit {
}
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/edit.html.tmpl", $vars)
......@@ -189,7 +190,7 @@ sub processCategoryChange {
$vars->{'type'} = $type;
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/edit.html.tmpl", $vars)
......@@ -246,7 +247,7 @@ sub insert {
$vars->{'message'} = "flag_type_created";
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars)
......@@ -328,7 +329,7 @@ sub update {
$vars->{'message'} = "flag_type_changes_saved";
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars)
......@@ -348,7 +349,7 @@ sub confirmDelete
$vars->{'flag_count'} = scalar($count);
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/confirm-delete.html.tmpl", $vars)
......@@ -380,7 +381,7 @@ sub delete {
$vars->{'message'} = "flag_type_deleted";
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars)
......@@ -400,7 +401,7 @@ sub deactivate {
$vars->{'flag_type'} = Bugzilla::FlagType::get($::FORM{'id'});
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars)
......
editgroups.cgi
View file @ 9488a890
......@@ -33,7 +33,7 @@ require "CGI.pl";
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
if (!UserInGroup("creategroups")) {
PutHeader("Not Authorized","Edit Groups","","Not Authorized for this function!");
......
editkeywords.cgi
View file @ 9488a890
......@@ -110,7 +110,7 @@ sub Validate ($$) {
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
unless (UserInGroup("editkeywords")) {
PutHeader("Not allowed");
......
editmilestones.cgi
View file @ 9488a890
......@@ -148,7 +148,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
unless (UserInGroup("editcomponents")) {
PutHeader("Not allowed");
......
editparams.cgi
View file @ 9488a890
......@@ -32,7 +32,7 @@ require "CGI.pl";
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
if (!UserInGroup("tweakparams")) {
print "<H1>Sorry, you aren't a member of the 'tweakparams' group.</H1>\n";
......
editproducts.cgi
View file @ 9488a890
......@@ -178,7 +178,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
unless (UserInGroup("editcomponents")) {
PutHeader("Not allowed");
......
editusers.cgi
View file @ 9488a890
......@@ -236,7 +236,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
$editall = UserInGroup("editusers");
......
editversions.cgi
View file @ 9488a890
......@@ -157,7 +157,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
unless (UserInGroup("editcomponents")) {
PutHeader("Not allowed");
......
enter_bug.cgi
View file @ 9488a890
......@@ -36,6 +36,7 @@ use strict;
use lib qw(.);
use Bugzilla;
use Bugzilla::Constants;
require "CGI.pl";
......@@ -65,6 +66,8 @@ ConnectToDatabase();
# user is right from the start.
confirm_login() if AnyEntryGroups();
my $cgi = Bugzilla->cgi;
if (!defined $::FORM{'product'}) {
GetVersionTable();
quietly_check_login();
......@@ -88,7 +91,7 @@ if (!defined $::FORM{'product'}) {
$vars->{'target'} = "enter_bug.cgi";
$vars->{'format'} = $::FORM{'format'};
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("global/choose-product.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
......@@ -364,7 +367,7 @@ $vars->{'use_keywords'} = 1 if (@::legal_keywords);
my $format =
GetFormat("bug/create/create", $::FORM{'format'}, $::FORM{'ctype'});
print "Content-type: $format->{'ctype'}\n\n";
print $cgi->header($format->{'ctype'});
$template->process($format->{'template'}, $vars)
|| ThrowTemplateError($template->error());
globals.pl
View file @ 9488a890
......@@ -40,7 +40,6 @@ use Bugzilla::Config qw(:DEFAULT ChmodDataFile);
sub globals_pl_sillyness {
my $zz;
$zz = @main::SqlStateStack;
$zz = $main::contenttypes;
$zz = @main::default_column_list;
$zz = $main::defaultqueryname;
$zz = @main::enterable_products;
......@@ -1536,7 +1535,7 @@ sub GetFormat {
{
'template' => $template ,
'extension' => $ctype ,
'ctype' => $::contenttypes->{$ctype} ,
'ctype' => Bugzilla::Constants::contenttypes->{$ctype} ,
};
}
......
importxml.pl
View file @ 9488a890
......@@ -59,6 +59,8 @@ BEGIN {
chdir $::path;
use lib ($::path);
use Bugzilla;
use XML::Parser;
use Data::Dumper;
$Data::Dumper::Useqq = 1;
......@@ -136,7 +138,7 @@ sub Lock {
open(LOCKFID, ">>data/maillock") || die "Can't open data/maillock: $!";
my $val = flock(LOCKFID,2);
if (!$val) { # '2' is magic 'exclusive lock' const.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
print "Lock failed: $val\n";
}
chmod 0666, "data/maillock";
......
index.cgi
View file @ 9488a890
......@@ -51,10 +51,12 @@ quietly_check_login('permit_anonymous');
# Main Body Execution
###############################################################################
my $cgi = Bugzilla->cgi;
$vars->{'username'} = $::COOKIE{'Bugzilla_login'} || '';
# Return the appropriate HTTP response headers.
print "Content-Type: text/html\n\n";
print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("index.html.tmpl", $vars)
......
long_list.cgi
View file @ 9488a890
......@@ -24,6 +24,8 @@
use strict;
use lib qw(.);
use Bugzilla;
require "CGI.pl";
use vars qw($userid @legal_keywords %FORM);
......@@ -37,6 +39,8 @@ quietly_check_login();
GetVersionTable();
my $cgi = Bugzilla->cgi;
my $generic_query = "
SELECT
bugs.bug_id,
......@@ -116,8 +120,7 @@ my @time = localtime(time());
my $date = sprintf "%04d-%02d-%02d", 1900+$time[5],$time[4]+1,$time[3];
my $filename = "bugs-$date.html";
print "Content-Type: text/html\n";
print "Content-Disposition: inline; filename=$filename\n\n";
print $cgi->header(-content_disposition => "inline; filename=$filename");
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("bug/show-multiple.html.tmpl", $vars)
......
move.pl
View file @ 9488a890
......@@ -31,6 +31,7 @@ require "CGI.pl";
use vars qw($template $userid %COOKIE);
use Bug;
use Bugzilla;
use Bugzilla::BugMail;
$::lockcount = 0;
......@@ -44,6 +45,8 @@ unless ( Param("move-enabled") ) {
ConnectToDatabase();
confirm_login();
my $cgi = Bugzilla->cgi;
sub Log {
my ($str) = (@_);
Lock();
......@@ -59,7 +62,7 @@ sub Lock {
open(LOCKFID, ">>data/maillock") || die "Can't open data/maillock: $!";
my $val = flock(LOCKFID,2);
if (!$val) { # '2' is magic 'exclusive lock' const.
print "Content-type: text/html\n\n";
print $cgi->header();
print "Lock failed: $val\n";
}
chmod 0666, "data/maillock";
......@@ -76,7 +79,7 @@ sub Unlock {
}
if ( !defined $::FORM{'buglist'} ) {
print "Content-type: text/html\n\n";
print $cgi->header();
PutHeader("Move Bugs");
print "Move bugs either from the bug display page or perform a ";
print "<A HREF=\"query.cgi\">query</A> and change several bugs at once.\n";
......@@ -91,7 +94,7 @@ my $movers = Param("movers");
$movers =~ s/\s?,\s?/|/g;
$movers =~ s/@/\@/g;
unless ($exporter =~ /($movers)/) {
print "Content-type: text/html\n\n";
print $cgi->header();
PutHeader("Move Bugs");
print "<P>You do not have permission to move bugs<P>\n";
PutFooter();
......
page.cgi
View file @ 9488a890
......@@ -31,6 +31,9 @@
use strict;
use lib ".";
use Bugzilla;
require "CGI.pl";
use vars qw($template $vars);
......@@ -39,6 +42,8 @@ ConnectToDatabase();
quietly_check_login();
my $cgi = Bugzilla->cgi;
if ($::FORM{'id'}) {
# Remove all dodgy chars, and split into name and ctype.
$::FORM{'id'} =~ s/[^\w\-\.]//g;
......@@ -48,7 +53,7 @@ if ($::FORM{'id'}) {
$vars->{'form'} = \%::FORM;
print "Content-Type: $format->{'ctype'}\n\n";
print $cgi->header($format->{'ctype'});
$template->process("pages/$format->{'template'}", $vars)
|| ThrowTemplateError($template->error());
......
post_bug.cgi
View file @ 9488a890
......@@ -26,6 +26,7 @@
use strict;
use lib qw(.);
use Bugzilla;
use Bugzilla::Constants;
require "CGI.pl";
......@@ -55,6 +56,8 @@ use vars qw($vars $template);
ConnectToDatabase();
my $whoid = confirm_login();
my $cgi = Bugzilla->cgi;
# do a match on the fields if applicable
&Bugzilla::User::match_field ({
......@@ -86,15 +89,16 @@ if (!$product_id) {
my $cookiepath = Param("cookiepath");
if (exists $::FORM{'product'}) {
if (exists $::FORM{'version'}) {
print "Set-Cookie: VERSION-$product=$::FORM{'version'} ; " .
"path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
$cgi->send_cookie(-name => "VERSION-$product",
-value => $cgi->param('version'),
-expires => "Fri, 01-Jan-2038 00:00:00 GMT");
}
}
if (defined $::FORM{'maketemplate'}) {
$vars->{'url'} = $::buffer;
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("bug/create/make-template.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
......@@ -491,7 +495,7 @@ if ($::COOKIE{"BUGLIST"}) {
}
$vars->{'bug_list'} = \@bug_list;
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("bug/create/created.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
......
process_bug.cgi
View file @ 9488a890
......@@ -31,6 +31,7 @@ my $UserInCanConfirmGroupSet = -1;
use lib qw(.);
use Bugzilla;
use Bugzilla::Constants;
require "CGI.pl";
......@@ -58,6 +59,8 @@ use vars qw(%versions
ConnectToDatabase();
my $whoid = confirm_login();
my $cgi = Bugzilla->cgi;
my $requiremilestone = 0;
use vars qw($template $vars);
......@@ -143,7 +146,7 @@ foreach my $field ("dependson", "blocked") {
# End Data/Security Validation
######################################################################
print "Content-type: text/html\n\n";
print $cgi->header();
$vars->{'title_tag'} = "bug_processed";
# Set the title if we can see a mid-air coming. This test may have false
......@@ -493,7 +496,7 @@ sub DuplicateUserConfirm {
# Confirm whether or not to add the reporter to the cc: list
# of the original bug (the one this bug is being duped against).
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("bug/process/confirm-duplicate.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
......
query.cgi
View file @ 9488a890
......@@ -50,6 +50,9 @@ use vars qw(
);
ConnectToDatabase();
my $cgi = Bugzilla->cgi;
my $userid = 0;
if (defined $::FORM{"GoAheadAndLogIn"}) {
# We got here from a login page, probably from relogin.cgi. We better
......@@ -87,8 +90,8 @@ if ($userid) {
"($userid, $qname, " . SqlQuote($value) . ")");
}
}
print "Set-Cookie: $cookiename= ; path=" . Param("cookiepath") .
"; expires=Sun, 30-Jun-1980 00:00:00 GMT\n";
$cgi->send_cookie(-name => $cookiename,
-expires => "Fri, 01-Jan-2038 00:00:00 GMT");
}
}
}
......@@ -398,6 +401,8 @@ $vars->{'format'} = $::FORM{'format'};
my $format = GetFormat("search/search",
$::FORM{'query_format'} || $::FORM{'format'},
$::FORM{'ctype'});
print "Content-Type: $format->{'ctype'}\n\n";
print $cgi->header($format->{'ctype'});
$template->process($format->{'template'}, $vars)
|| ThrowTemplateError($template->error());
queryhelp.cgi
View file @ 9488a890
......@@ -35,7 +35,7 @@ quietly_check_login();
GetVersionTable();
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
my $product = $::FORM{'product'};
......
quips.cgi
View file @ 9488a890
......@@ -39,6 +39,8 @@ require "CGI.pl";
ConnectToDatabase();
confirm_login();
my $cgi = Bugzilla->cgi;
if (Param('enablequips') eq "off") {
ThrowUserError("quips_disabled");
}
......@@ -129,6 +131,6 @@ if ($action eq "delete") {
SendSQL("DELETE FROM quips WHERE quipid = $quipid");
}
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("list/quips.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
relogin.cgi
View file @ 9488a890
......@@ -37,6 +37,8 @@ require "CGI.pl";
ConnectToDatabase();
quietly_check_login();
my $cgi = Bugzilla->cgi;
if ($::userid) {
# Even though we know the userid must match, we still check it in the
# SQL as a sanity check, since there is no locking here, and if
......@@ -49,17 +51,17 @@ if ($::userid) {
"AND userid = $::userid");
}
my $cookiepath = Param("cookiepath");
print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT
Set-Cookie: Bugzilla_logincookie= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT
";
$cgi->send_cookie(-name => "Bugzilla_login",
-expires => "Tue, 15-Sep-1998 21:49:00 GMT");
$cgi->send_cookie(-name => "Bugzilla_logincookie",
-expires => "Tue, 15-Sep-1998 21:49:00 GMT");
delete $::COOKIE{"Bugzilla_login"};
$vars->{'message'} = "logged_out";
$vars->{'user'} = {};
print "Content-Type: text/html\n\n";
print $cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
......
report.cgi
View file @ 9488a890
......@@ -26,15 +26,19 @@ use lib ".";
require "CGI.pl";
use vars qw($cgi $template $vars);
use vars qw($template $vars);
use Bugzilla;
my $cgi = Bugzilla->cgi;
# Go straight back to query.cgi if we are adding a boolean chart.
if (grep(/^cmd-/, $cgi->param())) {
my $params = $cgi->canonicalise_query("format", "ctype");
print "Location: query.cgi?format=" . $cgi->param('query_format') .
my $location = "query.cgi?format=" . $cgi->param('query_format') .
($params ? "&$params" : "") . "\n\n";
print $cgi->redirect($location);
exit;
}
......@@ -52,7 +56,7 @@ my $action = $cgi->param('action') || 'menu';
if ($action eq "menu") {
# No need to do any searching in this case, so bail out early.
print "Content-Type: text/html\n\n";
print $cgi->header();
$template->process("reports/menu.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
......@@ -276,8 +280,8 @@ $format->{'ctype'} = "text/html" if $::FORM{'debug'};
my @time = localtime(time());
my $date = sprintf "%04d-%02d-%02d", 1900+$time[5],$time[4]+1,$time[3];
my $filename = "report-$date.$format->{extension}";
print "Content-Disposition: inline; filename=$filename\n";
print "Content-Type: $format->{'ctype'}\n\n";
print $cgi->header(-type => $format->{'ctype'},
-content_disposition => "inline; filename=$filename");
# Problems with this CGI are often due to malformed data. Setting debug=1
# prints out both data structures.
......
reports.cgi
View file @ 9488a890
......@@ -62,6 +62,8 @@ GetVersionTable();
Bugzilla->switch_to_shadow_db();
my $cgi = Bugzilla->cgi;
# We only want those products that the user has permissions for.
my @myproducts;
push( @myproducts, "-All-");
......@@ -69,7 +71,7 @@ push( @myproducts, GetSelectableProducts());
if (! defined $FORM{'product'}) {
print "Content-type: text/html\n\n";
print $cgi->header();
PutHeader("Bug Charts");
choose_product(@myproducts);
PutFooter();
......@@ -93,10 +95,7 @@ if (! defined $FORM{'product'}) {
# This means that is OK to detaint
trick_taint($FORM{'product'});
# Output appropriate HTTP response headers
print "Content-type: text/html\n";
# Changing attachment to inline to resolve 46897 - zach@zachlipton.com
print "Content-disposition: inline; filename=bugzilla_report.html\n\n";
print $cgi->header(-Content_Disposition=>'inline; filename=bugzilla_report.html');
PutHeader("Bug Charts");
......
request.cgi
View file @ 9488a890
......@@ -266,7 +266,7 @@ sub queue {
$vars->{'types'} = \@types;
# Return the appropriate HTTP response headers.
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("request/queue.html.tmpl", $vars)
......
show_activity.cgi
View file @ 9488a890
......@@ -51,7 +51,7 @@ ValidateBugID($::FORM{'id'});
$vars->{'bug_id'} = $::FORM{'id'};
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("bug/activity/show.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
......
show_bug.cgi
View file @ 9488a890
......@@ -24,14 +24,18 @@ use strict;
use lib qw(.);
use Bugzilla;
require "CGI.pl";
ConnectToDatabase();
use vars qw($cgi $template $vars $userid);
use vars qw($template $vars $userid);
use Bug;
my $cgi = Bugzilla->cgi;
if ($::FORM{'GoAheadAndLogIn'}) {
confirm_login();
} else {
......@@ -44,7 +48,7 @@ my $single = !$cgi->param('format')
# If we don't have an ID, _AND_ we're only doing a single bug, then prompt
if (!defined $cgi->param('id') && $single) {
print "Content-type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("bug/choose.html.tmpl", $vars) ||
ThrowTemplateError($template->error());
exit;
......@@ -100,6 +104,7 @@ foreach ($cgi->param("excludefield")) {
$vars->{'displayfields'} = \%displayfields;
print "Content-type: $format->{'ctype'}\n\n";
print $cgi->header($format->{'ctype'});
$template->process("$format->{'template'}", $vars)
|| ThrowTemplateError($template->error());
showattachment.cgi
View file @ 9488a890
......@@ -25,12 +25,16 @@ use strict;
use lib qw(.);
require "CGI.pl";
use Bugzilla;
use Bugzilla::Util;
# Redirect to the new interface for displaying attachments.
detaint_natural($::FORM{'attach_id'}) if defined($::FORM{'attach_id'});
my $id = $::FORM{'attach_id'} || "";
print "Status: 301 Permanent Redirect\n";
print "Location: attachment.cgi?id=$id&action=view\n\n";
exit;
my $cgi = Bugzilla->cgi;
my $id = $cgi->param('attach_id');
detaint_natural($id) if defined $id;
$id ||= "";
print $cgi->redirect(-location=>"attachment.cgi?id=$id&action=view",
-status=>'301 Permanent Redirect');
exit;
showdependencygraph.cgi
View file @ 9488a890
......@@ -26,6 +26,7 @@ use strict;
use lib qw(.);
use File::Temp;
use Bugzilla;
require "CGI.pl";
......@@ -33,6 +34,8 @@ ConnectToDatabase();
quietly_check_login();
my $cgi = Bugzilla->cgi;
# Connect to the shadow database if this installation is using one to improve
# performance.
Bugzilla->switch_to_shadow_db();
......@@ -228,6 +231,6 @@ $vars->{'rankdir'} = $::FORM{'rankdir'};
$vars->{'showsummary'} = $::FORM{'showsummary'};
# Generate and return the UI (HTML page) from the appropriate template.
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("bug/dependency-graph.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
showdependencytree.cgi
View file @ 9488a890
......@@ -37,6 +37,8 @@ ConnectToDatabase();
quietly_check_login();
my $cgi = Bugzilla->cgi;
# Connect to the shadow database if this installation is using one to improve
# performance.
Bugzilla->switch_to_shadow_db();
......@@ -95,7 +97,7 @@ $vars->{'maxdepth'} = $maxdepth;
$vars->{'hide_resolved'} = $hide_resolved;
$vars->{'canedit'} = UserInGroup("editbugs");
print "Content-Type: text/html\n\n";
print $cgi->header();
$template->process("bug/dependency-tree.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
......
sidebar.cgi
View file @ 9488a890
......@@ -29,6 +29,8 @@ use vars qw(
ConnectToDatabase();
quietly_check_login();
my $cgi = Bugzilla->cgi;
###############################################################################
# Main Body Execution
###############################################################################
......@@ -63,13 +65,10 @@ if (defined $::COOKIE{'Bugzilla_login'}) {
my $useragent = $ENV{HTTP_USER_AGENT};
if ($useragent =~ m:Mozilla/([1-9][0-9]*):i && $1 >= 5 && $useragent !~ m/compatible/i) {
print "Content-type: application/vnd.mozilla.xul+xml\n\n";
print $cgi->header("application/vnd.mozilla.xul+xml");
# Generate and return the XUL from the appropriate template.
$template->process("sidebar.xul.tmpl", $vars)
|| ThrowTemplateError($template->error());
} else {
ThrowUserError("sidebar_supports_mozilla_only");
}
template/en/default/global/code-error.html.tmpl
View file @ 9488a890
......@@ -62,11 +62,6 @@
Trying to retrieve bug [% bug.bug_id %] returned the error
[% bug.error FILTER html %]
[% ELSIF error == "cgi_error" %]
[% title = "CGI Error" %]
Bugzilla has had trouble interpreting your CGI request;
[%+ Param('browserbugmessage') %]
[% ELSIF error == "chart_data_not_generated" %]
The tool which gathers bug counts has not been run yet.
......
token.cgi
View file @ 9488a890
......@@ -31,6 +31,8 @@ use lib qw(.);
use vars qw($template $vars);
use Bugzilla;
# Include the Bugzilla CGI and general utility library.
require "CGI.pl";
......@@ -156,7 +158,7 @@ sub requestChangePassword {
$vars->{'message'} = "password_change_request";
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
......@@ -164,7 +166,7 @@ sub requestChangePassword {
sub confirmChangePassword {
$vars->{'token'} = $::token;
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("account/password/set-forgotten-password.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
......@@ -173,7 +175,7 @@ sub cancelChangePassword {
$vars->{'message'} = "password_change_canceled";
Token::Cancel($::token, $vars->{'message'});
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
......@@ -200,14 +202,14 @@ sub changePassword {
$vars->{'message'} = "password_changed";
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
sub confirmChangeEmail {
# Return HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
$vars->{'token'} = $::token;
......@@ -249,7 +251,7 @@ sub changeEmail {
DeriveGroup($userid);
# Return HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
# Let the user know their email address has been changed.
......@@ -300,7 +302,7 @@ sub cancelChangeEmail {
SendSQL("UNLOCK TABLES");
# Return HTTP response headers.
print "Content-Type: text/html\n\n";
print Bugzilla->cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
......
userprefs.cgi
View file @ 9488a890
......@@ -24,6 +24,8 @@ use strict;
use lib qw(.);
use Bugzilla;
require "CGI.pl";
use RelationSet;
......@@ -354,6 +356,8 @@ confirm_login();
GetVersionTable();
my $cgi = Bugzilla->cgi;
$vars->{'login'} = $::COOKIE{'Bugzilla_login'};
$vars->{'changes_saved'} = $::FORM{'dosave'};
......@@ -390,7 +394,7 @@ SWITCH: for ($current_tab_name) {
}
# Generate and return the UI (HTML page) from the appropriate template.
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("account/prefs/prefs.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
votes.cgi
View file @ 9488a890
......@@ -26,14 +26,17 @@
use strict;
use lib ".";
require "CGI.pl";
use Bugzilla;
require "CGI.pl";
# Use global template variables
use vars qw($template $vars);
ConnectToDatabase();
my $cgi = Bugzilla->cgi;
# If the action is show_bug, you need a bug_id.
# If the action is show_user, you can supply a userid to show the votes for
# another user, otherwise you see your own.
......@@ -86,6 +89,8 @@ exit;
# Display the names of all the people voting for this one bug.
sub show_bug {
my $cgi = Bugzilla->cgi;
my $bug_id = $::FORM{'bug_id'}
|| ThrowCodeError("missing_bug_id");
......@@ -107,7 +112,7 @@ sub show_bug {
$vars->{'users'} = \@users;
$vars->{'total'} = $total;
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("bug/votes/list-for-bug.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
......@@ -117,6 +122,8 @@ sub show_bug {
sub show_user {
GetVersionTable();
my $cgi = Bugzilla->cgi;
# If a bug_id is given, and we're editing, we'll add it to the votes list.
my $bug_id = $::FORM{'bug_id'} || "";
......@@ -213,7 +220,7 @@ sub show_user {
$vars->{'voting_user'} = { "login" => $name };
$vars->{'products'} = \@products;
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("bug/votes/list-for-user.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
......@@ -224,6 +231,8 @@ sub record_votes {
# Begin Data/Security Validation
############################################################################
my $cgi = Bugzilla->cgi;
# Build a list of bug IDs for which votes have been submitted. Votes
# are submitted in form fields in which the field names are the bug
# IDs and the field values are the number of votes.
......@@ -233,13 +242,13 @@ sub record_votes {
# that their votes will get nuked if they continue.
if (scalar(@buglist) == 0) {
if (!defined($::FORM{'delete_all_votes'})) {
print "Content-type: text/html\n\n";
print $cgi->header();
$template->process("bug/votes/delete-all.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit();
}
elsif ($::FORM{'delete_all_votes'} == 0) {
print "Location: votes.cgi\n\n";
print $cgi->redirect("votes.cgi");
exit();
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment